一、YUM 简介
YUM 的前身是 YUP(Yellow dog Updater)Yellow dog Linux 的软件更新,最初由 TSS 公司 (Terra Soft Solutions,INC.)使用 Python 语音开发而成,后由杜克大学(Duck University)的 Linux 开发队伍进行改进,命名为 YUM(Yellow dog Updater , Modified)
借助于 YUM 软件仓库,可以完成安装、卸载、自动升级 rpm 软件包等任务,能够自动 查找并解决 rpm 包之间的依赖关系,而无需管理员逐个、手工地去安装每个 rpm 包,使管 理员在维护大量 Linux 服务器时更加轻松自如。特别是拥有大量 Linux 主机的本地网络中, 构建一台源服务器可以大大缓解软件安装、升级等对 Internet 的依赖。
二、YUM 服务器的搭建
1.YUM 服务器概述
YUM 软件仓库通常借助 HTTP 或 FTP 协议来进行发布,这样可以面向网络中的所有客户机提供软件源服务。为了便于客户机查询软件包,获取依赖关系等信息,在软件仓库中需要提供仓库数据(Repodata),其中收集了目录下所有 rpm 报的头部信息。
2.准备网络安装元(服务器端)
(1)准备软件仓库目录
1> 光盘中的软件包
拷贝 Centos 7.6 第一张光盘内容到本地 FTP 服务器匿名访问用户的根目录下
[root@yumserver ~]# yum -y install vsftpd
[root@yumserver ~]# mkdir /var/ftp/centos7
[root@yumserver ~]# mount /dev/cdrom /mnt/
mount: /dev/sr0 写保护,将以只读方式挂载
[root@yumserver ~]# cp -rf /mnt/* /var/ftp/centos7/ &
[1] 9043
[root@yumserver ~]# jobs
[1]+ 运行中 cp -i -rf /mnt/* /var/ftp/centos7/ &
2> 其他软件包
[root@yumserver ~]# mkdir /var/ftp/ksh
[root@yumserver ~]# cd /var/ftp/ksh/
[root@yumserver ksh]# ls
ksh-20120801-37.el6_9.i686.rpm mksh-46-8.el7.x86_64(1).rpm
[root@yumserver ksh]# yum -y install createrepo
[root@yumserver ksh]# createrepo -v ./
Spawning worker 0 with 2 pkgs
Worker 0: reading ksh-20120801-37.el6_9.i686.rpm
Worker 0: reading mksh-46-8.el7.x86_64(1).rpm
Workers Finished
Saving Primary metadata
Saving file lists metadata
Saving other metadata
Generating sqlite DBs
Starting other db creation: Thu Mar 26 19:13:54 2020
Ending other db creation: Thu Mar 26 19:13:54 2020
Starting filelists db creation: Thu Mar 26 19:13:54 2020
Ending filelists db creation: Thu Mar 26 19:13:54 2020
Starting primary db creation: Thu Mar 26 19:13:54 2020
Ending primary db creation: Thu Mar 26 19:13:54 2020
Sqlite DBs complete
[root@yumserver ksh]# ls
ksh-20120801-37.el6_9.i686.rpm mksh-46-8.el7.x86_64(1).rpm repodata
(2)启动 vsftpd 服务并设置为开机自启
[root@yumserver ksh]# systemctl restart vsftpd
[root@yumserver ksh]# systemctl enable vsftpd
Created symlink from /etc/systemd/system/multi-user.target.wants/vsftpd.service to /usr/lib/systemd/system/vsftpd.service.
3.配置软件仓库位置(客户机端)
(1)典型的仓库配置
1> 内网 YUM 源
[root@client ~]# cd /etc/yum.repos.d/
[root@client yum.repos.d]# rm -rf *
[root@client yum.repos.d]# vim huyouba1.repo
[centos7]
name=centos7
baseurl=ftp://192.168.100.100/centos7
gpgcheck=0
enabled=1
[ksh]
name=ksh
baseurl=ftp://192.168.100.100/ksh
gpgcheck=0
enabled=1
[root@client yum.repos.d]# yum -y clean all
已加载插件:fastestmirror
正在清理软件源: centos7 ksh
Cleaning up list of fastest mirrors
Other repos take up 81 M of disk space (use --verbose for details)
[root@client yum.repos.d]# yum makecache
已加载插件:fastestmirror
Determining fastest mirrors
centos7 | 3.6 kB 00:00:00
ksh | 2.9 kB 00:00:00
(1/7): centos7/group_gz | 166 kB 00:00:00
(2/7): centos7/primary_db | 6.0 MB 00:00:00
(3/7): centos7/filelists_db | 7.1 MB 00:00:00
(4/7): centos7/other_db | 2.6 MB 00:00:00
(5/7): ksh/filelists_db | 1.2 kB 00:00:00
(6/7): ksh/primary_db | 3.2 kB 00:00:00
(7/7): ksh/other_db | 2.2 kB 00:00:00
元数据缓存已建立
[root@client yum.repos.d]# ls /var/cache/yum/x86_64/7/ //查看缓存是否生成
base centos7 extras ftp ksh timedhosts timedhosts.txt updates
测试
[root@client ~]# yum -y install bind
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
正在解决依赖关系
--> 正在检查事务
---> 软件包 bind.x86_64.32.9.9.4-72.el7 将被 安装
--> 解决依赖关系完成
依赖关系解决
=====================================================================================================================
Package 架构 版本 源 大小
=====================================================================================================================
正在安装:
bind x86_64 32:9.9.4-72.el7 centos7 1.8 M
为依赖而安装:
audit-libs-python x86_64 2.8.4-4.el7 centos7 76 k
checkpolicy x86_64 2.5-8.el7 centos7 295 k
libcgroup x86_64 0.41-20.el7 centos7 66 k
libsemanage-python x86_64 2.5-14.el7 centos7 113 k
policycoreutils-python x86_64 2.5-29.el7 centos7 456 k
python-IPy noarch 0.75-6.el7 centos7 32 k
python-ply noarch 3.4-11.el7 centos7 123 k
setools-libs x86_64 3.3.8-4.el7 centos7 620 k
事务概要
=====================================================================================================================
安装 1 软件包 (+8 依赖软件包)
总下载量:3.6 M
安装大小:10 M
Downloading packages:
bind-9.9.4-72.el7.x86_64.rpm
---------------------------------------------------------------------------------------------------------------------
总计 15 MB/s | 3.6 MB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在安装 : 32:bind-9.9.4-72.el7.x86_64
已安装:
bind.x86_64 32:9.9.4-72.el7
作为依赖被安装:
audit-libs-python.x86_64 0:2.8.4-4.el7 checkpolicy.x86_64 0:2.5-8.el7 libcgroup.x86_64 0:0.41-20.el7
libsemanage-python.x86_64 0:2.5-14.el7 policycoreutils-python.x86_64 0:2.5-29.el7 python-IPy.noarch 0:0.75-6.el7
python-ply.noarch 0:3.4-11.el7 setools-libs.x86_64 0:3.3.8-4.el7
完毕!
注意::因为 ksh 包在光盘中存在,所以需先修改 repo 文件后重建 yum 缓存再进行安装 测试,否则安装的是光盘中的包。
[root@client ~]# vim /etc/yum.repos.d/huyouba1.repo
[ksh]
name=ksh
baseurl=ftp://192.168.100.100/ksh
gpgcheck=0
enabled=1
[root@client ~]# yum clean all
已加载插件:fastestmirror
正在清理软件源: ksh
Cleaning up list of fastest mirrors
Other repos take up 193 M of disk space (use --verbose for details)
[root@client ~]# yum makecache
已加载插件:fastestmirror
Determining fastest mirrors
ksh | 2.9 kB 00:00:00
(1/3): ksh/filelists_db | 1.2 kB 00:00:00
(2/3): ksh/primary_db | 3.2 kB 00:00:00
(3/3): ksh/other_db | 2.2 kB 00:00:00
元数据缓存已建立
[root@client ~]# yum -y install mksh
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
正在解决依赖关系
--> 正在检查事务
---> 软件包 mksh.x86_64.0.46-8.el7 将被 安装
--> 解决依赖关系完成
依赖关系解决
=====================================================================================================================
Package 架构 版本 源 大小
=====================================================================================================================
正在安装:
mksh x86_64 46-8.el7 ksh 240 k
事务概要
=====================================================================================================================
安装 1 软件包
总下载量:240 k
安装大小:588 k
Downloading packages:
mksh-46-8.el7.x86_64(1).rpm | 240 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在安装 : mksh-46-8.el7.x86_64 1/1
验证中 : mksh-46-8.el7.x86_64 1/1
已安装:
mksh.x86_64 0:46-8.el7
完毕!
2> 公网 YUM 源
[root@client yum.repos.d]# cd /etc/yum.repos.d/
[root@client yum.repos.d]# rm -rf *
[root@client yum.repos.d]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
--2020-03-26 19:37:46-- http://mirrors.aliyun.com/repo/Centos-7.repo
正在解析主机 mirrors.aliyun.com (mirrors.aliyun.com)... 111.32.169.249, 111.7.110.242, 111.6.206.244, ...
正在连接 mirrors.aliyun.com (mirrors.aliyun.com)|111.32.169.249|:80... 已连接。
已发出 HTTP 请求,正在等待回应... 200 OK
长度:2523 (2.5K) [application/octet-stream]
正在保存至: “/etc/yum.repos.d/CentOS-Base.repo”
100%[===========================================================================>] 2,523 --.-K/s 用时 0s
2020-03-26 19:38:06 (106 MB/s) - 已保存 “/etc/yum.repos.d/CentOS-Base.repo” [2523/2523])
[root@client yum.repos.d]# ls
CentOS-Base.repo
[root@client yum.repos.d]# yum clean all
已加载插件:fastestmirror
Repodata is over 2 weeks old. Install yum-cron? Or run: yum makecache fast
正在清理软件源: base extras updates
Cleaning up list of fastest mirrors
Other repos take up 148 M of disk space (use --verbose for details)
[root@client yum.repos.d]# yum makecache
测试,略。注意客户机要保证可以访问外网。
(2)使用本地文件夹作为软件仓库
[root@client yum.repos.d]# vim local.repo
[local]
name=local
baseurl=file:///mnt
gpgcheck=0
enabled=1
[root@client yum.repos.d]# mount /dev/cdrom /mnt/
[root@client yum.repos.d]# yum -y clean all
[root@client yum.repos.d]# yum makecache
测试
[root@client yum.repos.d]# yum -y install ftp
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
正在解决依赖关系
--> 正在检查事务
---> 软件包 ftp.x86_64.0.0.17-67.el7 将被 安装
--> 解决依赖关系完成
依赖关系解决
=====================================================================================================================
Package 架构 版本 源 大小
=====================================================================================================================
正在安装:
ftp x86_64 0.17-67.el7 local 61 k
事务概要
=====================================================================================================================
安装 1 软件包
总下载量:61 k
安装大小:96 k
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
正在安装 : ftp-0.17-67.el7.x86_64 1/1
验证中 : ftp-0.17-67.el7.x86_64 1/1
已安装:
ftp.x86_64 0:0.17-67.el7
完毕!
三、yum 命令
1.基本操作
(1)查询软件包列表:
yum list、yum grouplist
yum list installed 查询已安装的包
yum list available 查询可以安装(未安装)的包
(2)查询软件包的描述信息:
yum info 软件包名
(3)查询指定软件包:
yum search 软件包名
(4)清理 yum 缓存:
yum -y clean all
(5)重建 yum 缓存:
yum makecache
2.针对单个安装包的操作
(1)安装:
yum -y install
(2)卸载:
yum -y remove 或 yum -y erase
(3)升级:
yum -y update
3.针对安装包组的操作
(1)安装:
yum -y groupinstall “软件包组名称”
(2)卸载:
yum -y groupremove
(3)升级:
yum -y groupupdate
选项-y 表示不进行交互,回答 yes。
四、构建自动同步公网的内网源
通过yum特有的同步协议进行同步公网源,可以将大量软件包同步到本地服务器,然后本地服务器通过http协议给内网主机使用,可以节省大量的出口带宽
1.同步公网源
首先将我们需要同步的公网源的源文件下载到本地服务器上
#下载阿里源
[root@yumserver ~]# wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
#下载epel源
[root@yumserver ~]# wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
#下载zabbix源
[root@yumserver ~]# rpm -i https://repo.zabbix.com/zabbix/4.0/rhel/7/x86_64/zabbix-release-4.0-1.el7.noarch.rpm
#配置openstack-ocata源
[root@yumserver ~]# vim /etc/yum.repos.d/CentOS-OpenStack-ocata.repo
[centos-openstack-ocata]
name=CentOS-7 - OpenStack ocata
baseurl=http://vault.centos.org/centos/7.6.1810/cloud/Source/openstack-ocata/
gpgcheck=0
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Centos-7
查看所有的源信息
[root@yumserver ~]# yum repolist
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyuncs.com
* extras: mirrors.aliyuncs.com
* updates: mirrors.aliyuncs.com
源标识 源名称 状态
base/7/x86_64 CentOS-7 - Base - mirrors.aliyun.com 10,097
centos-openstack-ocata CentOS-7 - OpenStack ocata 891
epel/x86_64 Extra Packages for Enterprise Linux 7 - x86_64 13,217
extras/7/x86_64 CentOS-7 - Extras - mirrors.aliyun.com 338
updates/7/x86_64 CentOS-7 - Updates - mirrors.aliyun.com 1,787
zabbix/x86_64 Zabbix Official Repository - x86_64 131
zabbix-non-supported/x86_64 Zabbix Official Repository non-supported - x86_64 4
repolist: 26,465
安装同步yum需要用到的工具,主要是两个工具reposync和createrepo
[root@yumserver ~]# yum install createrepo yum-utils
已加载插件:fastestmirror
Loading mirror speeds from cached hostfile
* base: mirrors.aliyuncs.com
* extras: mirrors.aliyuncs.com
* updates: mirrors.aliyuncs.com
软件包 createrepo-0.9.9-28.el7.noarch 已安装并且是最新版本
软件包 yum-utils-1.1.31-52.el7.noarch 已安装并且是最新版本
无须任何处理
开始同步公网源,需要大量的时间,取决于网速
#创建一个用来同步源的存放目录,需要大约50G的空间
[root@yumserver ~]# mkdir /mirrors
#开始同步
[root@yumserver ~]# reposync -p /mirrors/
#同步完成后查看
[root@yumserver ~]# ls /mirrors
base centos-ceph-jewel centos-qemu-ev extras updates centos-openstack-ocata epel zabbix zabbix-non-supported
同步完成以后需要建立元数据文件才能正常使用(在每个存放软件包的目录下创建数据文件)
#分别建立元数据文件
[root@yumserver ~]# createrepo --update /mirrors/base/Packages
[root@yumserver ~]# createrepo --update /mirrors/extras/Packages
[root@yumserver ~]# createrepo --update /mirrors/updates/Packages
[root@yumserver ~]# createrepo --update /mirrors/epel/Packages
[root@yumserver ~]# createrepo --update /mirrors/centos-openstack-ocata
[root@yumserver ~]# createrepo --update /mirrors/centos-ceph-jewel
[root@yumserver ~]# createrepo --update /mirrors/centos-qemu-ev
2.安装 nginx 提供 yum 源服务
[root@yumserver ~]# yum -y install nginx
[root@yumserver ~]# vim /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /mirrors;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
autoindex on;
autoindex_exact_size off;
autoindex_localtime on;
charset utf-8,gbk;
index index.html;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
建立首页文件,展示yum源
[root@yumserver ~]# vim /mirrors/index.html
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.1//EN" "http://www.w3.org/TR/xhtml11/DTD/xhtml11.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en">
<head>
<title>centos7网络源</title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
<style type="text/css">
/*<![CDATA[*/
body {
background-color: #fff;
color: #000;
font-size: 0.9em;
font-family: sans-serif,helvetica;
margin: 0;
padding: 0;
}
}
:link {
color: #c00;
}
:visited {
color: #c00;
}
a:hover {
color: #f50;
}
h1 {
text-align: center;
margin: 0;
padding: 0.6em 2em 0.4em;
background-color: #294172;
color: #fff;
font-weight: normal;
font-size: 1.75em;
border-bottom: 2px solid #000;
}
h1 strong {
font-weight: bold;
font-size: 1.5em;
}
h2 {
text-align: center;
background-color: #3C6EB4;
font-size: 1.1em;
font-weight: bold;
color: #fff;
margin: 0;
padding: 0.5em;
border-bottom: 2px solid #294172;
}
hr {
display: none;
}
.content {
padding: 1em 5em;
}
.alert {
border: 2px solid #000;
}
img {
border: 2px solid #fff;
padding: 2px;
margin: 2px;
}
a:hover img {
border: 2px solid #294172;
}
.logos {
margin: 1em;
text-align: center;
}
/*]]>*/
</style>
</head>
<body>
<h1>Centos7网络源!</h1>
<div class="content">
<p>此镜像站用于Linux学习过程中安装最新的centos7软件包,以及openstack-ocata软件包,所有软件包全部由aliyun同步而来!保证最新,下载速度特别快。</p>
<div class="alert">
<h2>Centos7_Base</h2>
<div class="content">
<p><a href="/base">点击查看软件包</a></p>
</div>
</div>
<div class="alert">
<h2>Centos7_extras</h2>
<div class="content">
<p><a href="/extras">点击查看软件包</a></p>
</div>
</div>
<div class="alert">
<h2>Centos7_updates</h2>
<div class="content">
<p><a href="/updates">点击查看软件包</a></p>
</div>
</div>
<div class="alert">
<h2>epel</h2>
<div class="content">
<p><a href="/epel">点击查看软件包</a></p>
</div>
</div>
<div class="alert">
<h2>Openstack-Ocata</h2>
<div class="content">
<p><a href="/centos-openstack-ocata">点击查看软件包</a></p>
</div>
</div>
<h1>Usage: wget -O /etc/yum.repos.d/CentOS-Base.repo <a href="/CentOS-Base.repo">http://192.168.100.100/CentOS-Base.repo</a></h1>
<div class="logos">
<img src="timg.png"
width="200" height="80" />
</div>
</div>
</body>
</html>
建立源文件
[root@yumserver ~]# vim /mirrors/Centos-Base.repo
[centos7_base]
name=localServer
baseurl=http://192.168.100.100/base/Packages
gpgcheck=0
enabled=1
[centos7_extras]
name=localServer
baseurl=http://192.168.100.100/extras/Packages
gpgcheck=0
enabled=1
[centos7_updates]
name=localServer
baseurl=http://192.168.100.100/updates/Packages
gpgcheck=0
enabled=1
[epel]
name=localServer
baseurl=http://192.168.100.100/epel/Packages
gpgcheck=0
enabled=1
[centos-openstack-ocata]
name=localServer
baseurl=http://192.168.100.100/centos-openstack-ocata
gpgcheck=0
enabled=1
[centos-ceph-jewel]
name=localServer
baseurl=http://192.168.100.100/centos-ceph-jewel
gpgcheck=0
enabled=1
[centos-qemu-ev]
name=localServer
baseurl=http://192.168.100.100/centos-qemu-ev
gpgcheck=0
enabled=1
访问 192.168.100.100 查看效果
3.编写脚本实现自动同步公网最新软件包
[root@yumserver ~]# vim /tmp/centos_yum_update.sh
#!/bin/bash
echo 'Updating Aliyum Source'
DATETIME=`date +%F_%T`
exec > /var/log/aliyumrepo_$DATETIME.log
reposync -np /mirrors
if [ $? -eq 0 ];then
createrepo --update /mirrors/base/Packages
createrepo --update /mirrors/extras/Packages
createrepo --update /mirrors/updates/Packages
createrepo --update /mirrors/epel/Packages
createrepo --update /mirrors/centos-openstack-ocata
createrepo --update /mirrors/centos-ceph-jewel
createrepo --update /mirrors/centos-qemu-ev
echo "SUCESS: $DATETIME aliyum_yum update successful"
else
echo "ERROR: $DATETIME aliyum_yum update failed"
fi
[root@yumserver ~]# chmod +x /tmp/centos_yum_update.sh
#设置计划任务
[root@yumserver ~]# crontab -e
0 0 * * 7 /tmp/centos_yum_update.sh //每周日 0 点开始同步
